Package org.forgerock.opendj.rest2ldap.authz

Class AuthenticationStrategies

java.lang.Object
org.forgerock.opendj.rest2ldap.authz.AuthenticationStrategies
public final class AuthenticationStrategies extends Object
Factory methods of AuthenticationStrategy allowing to perform authentication against LDAP server through different method.

  • Method Details

    • newSimpleBindStrategy

      public static AuthenticationStrategy newSimpleBindStrategy(org.forgerock.opendj.ldap.ConnectionFactory connectionFactory, String bindDNTemplate, org.forgerock.opendj.ldap.schema.Schema schema)
      Creates an AuthenticationStrategy performing simple BIND authentication against an LDAP server.
      Parameters:
      connectionFactory - ConnectionFactory to the LDAP server used to perform the bind operation.
      bindDNTemplate - Tempalte of the DN to use for the bind operation. The first %s will be replaced by the provided authentication-id (i.e: uid=%s,dc=example,dc=com)
      schema - Schema used to validate the DN format.*
      Returns:
      a new simple bind AuthenticationStrategy
      Throws:
      NullPointerException - If a parameter is null

    • newSearchThenBindStrategy

      public static AuthenticationStrategy newSearchThenBindStrategy(org.forgerock.opendj.ldap.ConnectionFactory searchConnectionFactory, org.forgerock.opendj.ldap.ConnectionFactory bindConnectionFactory, org.forgerock.opendj.ldap.DN baseDN, org.forgerock.opendj.ldap.SearchScope searchScope, String filterTemplate)
      Creates an AuthenticationStrategy performing authentication against an LDAP server by first performing a lookup of the entry to bind with. This is to find the user DN to bind with from its metadata (i.e: email address).
      Parameters:
      searchConnectionFactory - ConnectionFactory to the LDAP server used to perform the lookup of the entry.
      bindConnectionFactory - ConnectionFactory to the LDAP server used to perform the bind one the user's DN has been found. Can be the same than the searchConnectionFactory.
      baseDN - Base DN of the search request performed to find the user's DN.
      searchScope - SearchScope of the search request performed to find the user's DN.
      filterTemplate - Filter of the search request (i.e: (&(email=%s)(objectClass=inetOrgPerson)) where the first %s will be replaced by the user's provided authentication-id.
      Returns:
      a new search then bind AuthenticationStrategy
      Throws:
      NullPointerException - If a parameter is null

    • newSaslPlainStrategy

      public static AuthenticationStrategy newSaslPlainStrategy(org.forgerock.opendj.ldap.ConnectionFactory connectionFactory, org.forgerock.opendj.ldap.schema.Schema schema, String authcIdTemplate)
      Creates an AuthenticationStrategy performing authentication against an LDAP server using a plain SASL bind request.
      Parameters:
      connectionFactory - ConnectionFactory to the LDAP server to authenticate with.
      schema - Schema used to perform DN validation.
      authcIdTemplate - Authentication identity template containing a single %s which will be replaced by the authenticating user's name. (i.e: (u:%s)
      Returns:
      a new SASL plain bind AuthenticationStrategy
      Throws:
      NullPointerException - If a parameter is null